What to do now and how to plan and prepare for future cyber-attacks
Friday’s WannaCry cyber-attack has kicked up quite a storm. The global reach has been unprecedented and the language used to describe it nothing short of incendiary. The Microsoft president, Brad Smith, called it the equivalent of “the U.S. military having some of its Tomahawk missiles stolen.”
He claimed it represented “a disconcerting link between the two most serious forms of cybersecurity threats in the world today – nation-state action and organized criminal action.”
Those organisations affected by the ransomware appear to be using operating systems and software not updated with the most recent security patches, particularly Windows XP.
In the UK, the government’s National Cyber Security Centre (NCSC) put out a message this morning saying they thought it highly likely that further cases of ransomware would come to light, “possibly at a significant scale.”
Protect your business against WannaCry and other ransomware
Cyber security expert Ken Munro from Pen Test Partners says that on this occasion the bad guys found a software loophole to exploit and, worryingly, that the malware they used, though incredibly disruptive, wasn’t particularly effective, as very few people paid the ransom demands. The scary prospect is that if another opportunity presents itself, the cyber-criminals may come better prepared.
Munro makes it clear there are two courses of action that all organisations need to take right now for the cyber-protection of their business. Firstly, you need to ‘patch’ – make sure all your systems and anti-virus software are up to date. Patching should stop the malware from spreading to your IT systems.
Then, once this is done, back up all your data and, in Ken’s words, “pull the plug” and check to see whether the back-up has actually worked.
The NCSC put their advice in these simple terms:
- Keep your organisation’s security software patches up to date
- Use proper antivirus software services
- Most importantly for ransomware, back up the data that matters to you, because you can’t be held to ransom for data you hold somewhere else.
Patching and back-up will help to a great extent, but training also has a big role to play. Staff need to be aware of the dangers posed by phishing emails; they need to be vigilant and coached not to click on links or open attachments from unknown or doubtful sources.
The threat posed by the WannaCry malware hasn’t gone away and there now seems to be an ever-present cyber-menace. So how can companies prepare for future cyber-meltdowns?
Organisations need to feel confident their plans and predicted response are both appropriate and effective. This requires risk assessment. Following that, plans need to be updated and then tested during a simulation exercise to verify their effectiveness. On top of that, staff must be aware of their roles and responsibilities.
Practice and training are the best way to ensure your organisation has the appropriate capability to respond to a cyber-attack, both in terms of managing risks and in making sure your staff understand exactly what is expected of them.
Crisis Solutions can provide that reassurance by ensuring that relevant lessons are captured during a crisis simulation exercise. This will allow you to make informed decisions and help keep your organisation safe should you find yourself in the cross-hairs of a cyber-attack.